/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */ /* * Authors: Jeffrey Stedfast * * Copyright 2001 Ximian, Inc. (www.ximian.com) * * This program is free software; you can redistribute it and/or * modify it under the terms of version 2 of the GNU General Public * License as published by the Free Software Foundation. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public * License along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * */ #ifdef HAVE_CONFIG_H #include #endif #ifdef HAVE_OPENSSL #include "camel-tcp-stream-ssl.h" #include #include #include #include #include #include #include #include #include #include #include "camel-session.h" #include "camel-service.h" #include "camel-operation.h" #ifdef ENABLE_THREADS #include #endif #define d(x) #define TIMEOUT_USEC (10000) static CamelTcpStreamClass *parent_class = NULL; /* Returns the class for a CamelTcpStreamSSL */ #define CTSR_CLASS(so) CAMEL_TCP_STREAM_SSL_CLASS (CAMEL_OBJECT_GET_CLASS (so)) static ssize_t stream_read (CamelStream *stream, char *buffer, size_t n); static ssize_t stream_write (CamelStream *stream, const char *buffer, size_t n); static int stream_flush (CamelStream *stream); static int stream_close (CamelStream *stream); static int stream_connect (CamelTcpStream *stream, struct hostent *host, int port); static int stream_getsockopt (CamelTcpStream *stream, CamelSockOptData *data); static int stream_setsockopt (CamelTcpStream *stream, const CamelSockOptData *data); static CamelTcpAddress *stream_get_local_address (CamelTcpStream *stream); static CamelTcpAddress *stream_get_remote_address (CamelTcpStream *stream); static SSL *open_ssl_connection (CamelService *service, int sockfd, CamelTcpStreamSSL *openssl); struct _CamelTcpStreamSSLPrivate { int sockfd; SSL *ssl; CamelService *service; char *expected_host; gboolean ssl_mode; }; static void camel_tcp_stream_ssl_class_init (CamelTcpStreamSSLClass *camel_tcp_stream_ssl_class) { CamelTcpStreamClass *camel_tcp_stream_class = CAMEL_TCP_STREAM_CLASS (camel_tcp_stream_ssl_class); CamelStreamClass *camel_stream_class = CAMEL_STREAM_CLASS (camel_tcp_stream_ssl_class); parent_class = CAMEL_TCP_STREAM_CLASS (camel_type_get_global_classfuncs (camel_tcp_stream_get_type ())); /* virtual method overload */ camel_stream_class->read = stream_read; camel_stream_class->write = stream_write; camel_stream_class->flush = stream_flush; camel_stream_class->close = stream_close; camel_tcp_stream_class->connect = stream_connect; camel_tcp_stream_class->getsockopt = stream_getsockopt; camel_tcp_stream_class->setsockopt = stream_setsockopt; camel_tcp_stream_class->get_local_address = stream_get_local_address; camel_tcp_stream_class->get_remote_address = stream_get_remote_address; /* init OpenSSL stuff */ SSLeay_add_ssl_algorithms (); SSL_load_error_strings (); } static void camel_tcp_stream_ssl_init (gpointer object, gpointer klass) { CamelTcpStreamSSL *stream = CAMEL_TCP_STREAM_SSL (object); stream->priv = g_new0 (struct _CamelTcpStreamSSLPrivate, 1); stream->priv->sockfd = -1; } static void camel_tcp_stream_ssl_finalize (CamelObject *object) { CamelTcpStreamSSL *stream = CAMEL_TCP_STREAM_SSL (object); if (stream->priv->ssl) { SSL_shutdown (stream->priv->ssl); if (stream->priv->ssl->ctx) { SSL_CTX_free (stream->priv->ssl->ctx); } SSL_free (stream->priv->ssl); } if (stream->priv->sockfd != -1) close (stream->priv->sockfd); g_free (stream->priv->expected_host); g_free (stream->priv); } CamelType camel_tcp_stream_ssl_get_type (void) { static CamelType type = CAMEL_INVALID_TYPE; if (type == CAMEL_INVALID_TYPE) { type = camel_type_register (camel_tcp_stream_get_type (), "CamelTcpStreamSSL", sizeof (CamelTcpStreamSSL), sizeof (CamelTcpStreamSSLClass), (CamelObjectClassInitFunc) camel_tcp_stream_ssl_class_init, NULL, (CamelObjectInitFunc) camel_tcp_stream_ssl_init, (CamelObjectFinalizeFunc) camel_tcp_stream_ssl_finalize); } return type; } /** * camel_tcp_stream_ssl_new: * @service: camel service * @expected_host: host that the stream is expecting to connect with. * * Since the SSL certificate authenticator may need to prompt the * user, a CamelService is needed. @expected_host is needed as a * protection against an MITM attack. * * Return value: a ssl stream (in ssl mode) **/ CamelStream * camel_tcp_stream_ssl_new (CamelService *service, const char *expected_host) { CamelTcpStreamSSL *stream; stream = CAMEL_TCP_STREAM_SSL (camel_object_new (camel_tcp_stream_ssl_get_type ())); stream->priv->service = service; stream->priv->expected_host = g_strdup (expected_host); stream->priv->ssl_mode = TRUE; return CAMEL_STREAM (stream); } /** * camel_tcp_stream_ssl_new_raw: * @service: camel service * @expected_host: host that the stream is expecting to connect with. * * Since the SSL certificate authenticator may need to prompt the * user, a CamelService is needed. @expected_host is needed as a * protection against an MITM attack. * * Return value: a ssl-capable stream (in non ssl mode) **/ CamelStream * camel_tcp_stream_ssl_new_raw (CamelService *service, const char *expected_host) { CamelTcpStreamSSL *stream; stream = CAMEL_TCP_STREAM_SSL (camel_object_new (camel_tcp_stream_ssl_get_type ())); stream->priv->service = service; stream->priv->expected_host = g_strdup (expected_host); stream->priv->ssl_mode = FALSE; return CAMEL_STREAM (stream); } static int ssl_errno (SSL *ssl, int ret) { switch (SSL_get_error (ssl, ret)) { case SSL_ERROR_NONE: return 0; case SSL_ERROR_ZERO_RETURN: /* this one does not map well at all */ d(printf ("ssl_errno: SSL_ERROR_ZERO_RETURN\n")); return EINVAL; case SSL_ERROR_WANT_READ: /* non-fatal; retry */ case SSL_ERROR_WANT_WRITE: /* non-fatal; retry */ d(printf ("ssl_errno: SSL_ERROR_WANT_[READ,WRITE]\n")); return EAGAIN; case SSL_ERROR_SYSCALL: d(printf ("ssl_errno: SSL_ERROR_SYSCALL\n")); return EINTR; case SSL_ERROR_SSL: d(printf ("ssl_errno: SSL_ERROR_SSL <-- very useful error...riiiiight\n")); return EINTR; default: d(printf ("ssl_errno: default error\n")); return EINTR; } } /** * camel_tcp_stream_ssl_enable_ssl: * @stream: ssl stream * * Toggles an ssl-capable stream into ssl mode (if it isn't already). * * Returns 0 on success or -1 on fail. **/ int camel_tcp_stream_ssl_enable_ssl (CamelTcpStreamSSL *stream) { SSL *ssl; g_return_val_if_fail (CAMEL_IS_TCP_STREAM_SSL (stream), -1); if (stream->priv->sockfd != -1 && !stream->priv->ssl_mode) { ssl = open_ssl_connection (stream->priv->service, stream->priv->sockfd, stream); if (ssl == NULL) { stream->priv->sockfd = -1; return -1; } stream->priv->ssl = ssl; } stream->priv->ssl_mode = TRUE; return 0; } static ssize_t stream_read (CamelStream *stream, char *buffer, size_t n) { CamelTcpStreamSSL *openssl = CAMEL_TCP_STREAM_SSL (stream); SSL *ssl = openssl->priv->ssl; ssize_t nread; int cancel_fd; if (camel_operation_cancel_check (NULL)) { errno = EINTR; return -1; } cancel_fd = camel_operation_cancel_fd (NULL); if (cancel_fd == -1) { do { if (ssl) { nread = SSL_read (ssl, buffer, n); if (nread < 0) errno = ssl_errno (ssl, nread); } else { nread = read (openssl->priv->sockfd, buffer, n); } } while (nread < 0 && (errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK)); } else { int error, flags, fdmax; struct timeval timeout; fd_set rdset; flags = fcntl (openssl->priv->sockfd, F_GETFL); fcntl (openssl->priv->sockfd, F_SETFL, flags | O_NONBLOCK); fdmax = MAX (openssl->priv->sockfd, cancel_fd) + 1; do { FD_ZERO (&rdset); FD_SET (openssl->priv->sockfd, &rdset); FD_SET (cancel_fd, &rdset); timeout.tv_sec = 0; timeout.tv_usec = TIMEOUT_USEC; select (fdmax, &rdset, 0, 0, &timeout); if (FD_ISSET (cancel_fd, &rdset)) { fcntl (openssl->priv->sockfd, F_SETFL, flags); errno = EINTR; return -1; } do { if (ssl) { nread = SSL_read (ssl, buffer, n); if (nread < 0) errno = ssl_errno (ssl, nread); } else { nread = read (openssl->priv->sockfd, buffer, n); } } while (nread < 0 && errno == EINTR); } while (nread < 0 && (errno == EAGAIN || errno == EWOULDBLOCK)); error = errno; fcntl (openssl->priv->sockfd, F_SETFL, flags); errno = error; } return nread; } static ssize_t stream_write (CamelStream *stream, const char *buffer, size_t n) { CamelTcpStreamSSL *openssl = CAMEL_TCP_STREAM_SSL (stream); SSL *ssl = openssl->priv->ssl; ssize_t w, written = 0; int cancel_fd; if (camel_operation_cancel_check (NULL)) { errno = EINTR; return -1; } cancel_fd = camel_operation_cancel_fd (NULL); if (cancel_fd == -1) { do { do { if (ssl) { w = SSL_write (ssl, buffer + written, n - written); if (w < 0) errno = ssl_errno (ssl, w); } else { w = write (openssl->priv->sockfd, buffer + written, n - written); } } while (w < 0 && (errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK)); if (w > 0) written += w; } while (w != -1 && written < n); } else { int error, flags, fdmax; struct timeval timeout; fd_set rdset, wrset; flags = fcntl (openssl->priv->sockfd, F_GETFL); fcntl (openssl->priv->sockfd, F_SETFL, flags | O_NONBLOCK); fdmax = MAX (openssl->priv->sockfd, cancel_fd) + 1; do { FD_ZERO (&rdset); FD_ZERO (&wrset); FD_SET (openssl->priv->sockfd, &wrset); FD_SET (cancel_fd, &rdset); timeout.tv_sec = 0; timeout.tv_usec = TIMEOUT_USEC; select (fdmax, &rdset, &wrset, 0, &timeout); if (FD_ISSET (cancel_fd, &rdset)) { fcntl (openssl->priv->sockfd, F_SETFL, flags); errno = EINTR; return -1; } do { if (ssl) { w = SSL_write (ssl, buffer + written, n - written); if (w < 0) errno = ssl_errno (ssl, w); } else { w = write (openssl->priv->sockfd, buffer + written, n - written); } } while (w < 0 && errno == EINTR); if (w < 0) { if (errno == EAGAIN || errno == EWOULDBLOCK) { w = 0; } else { error = errno; fcntl (openssl->priv->sockfd, F_SETFL, flags); errno = error; return -1; } } else written += w; } while (w >= 0 && written < n); fcntl (openssl->priv->sockfd, F_SETFL, flags); } return written; } static int stream_flush (CamelStream *stream) { return 0; } static void close_ssl_connection (SSL *ssl) { if (ssl) { SSL_shutdown (ssl); if (ssl->ctx) SSL_CTX_free (ssl->ctx); SSL_free (ssl); } } static int stream_close (CamelStream *stream) { close_ssl_connection (((CamelTcpStreamSSL *)stream)->priv->ssl); ((CamelTcpStreamSSL *)stream)->priv->ssl = NULL; if (close (((CamelTcpStreamSSL *)stream)->priv->sockfd) == -1) return -1; ((CamelTcpStreamSSL *)stream)->priv->sockfd = -1; return 0; } /* this is a 'cancellable' connect, cancellable from camel_operation_cancel etc */ /* returns -1 & errno == EINTR if the connection was cancelled */ static int socket_connect (struct hostent *h, int port) { struct sockaddr_in sin; int fd; int ret; socklen_t len; struct timeval tv; int cancel_fd; /* see if we're cancelled yet */ if (camel_operation_cancel_check (NULL)) { errno = EINTR; return -1; } /* setup connect, we do it using a nonblocking socket so we can poll it */ sin.sin_port = htons (port); sin.sin_family = h->h_addrtype; memcpy (&sin.sin_addr, h->h_addr, sizeof (sin.sin_addr)); fd = socket (h->h_addrtype, SOCK_STREAM, 0); cancel_fd = camel_operation_cancel_fd (NULL); if (cancel_fd == -1) { ret = connect (fd, (struct sockaddr *)&sin, sizeof (sin)); if (ret == -1) { close (fd); return -1; } return fd; } else { fd_set rdset, wrset; int flags, fdmax; flags = fcntl (fd, F_GETFL); fcntl (fd, F_SETFL, flags | O_NONBLOCK); ret = connect (fd, (struct sockaddr *)&sin, sizeof (sin)); if (ret == 0) { fcntl (fd, F_SETFL, flags); return fd; } if (errno != EINPROGRESS) { close (fd); return -1; } FD_ZERO (&rdset); FD_ZERO (&wrset); FD_SET (fd, &wrset); FD_SET (cancel_fd, &rdset); fdmax = MAX (fd, cancel_fd) + 1; tv.tv_usec = 0; tv.tv_sec = 60 * 4; if (select (fdmax, &rdset, &wrset, 0, &tv) == 0) { close (fd); errno = ETIMEDOUT; return -1; } if (cancel_fd != -1 && FD_ISSET (cancel_fd, &rdset)) { close (fd); errno = EINTR; return -1; } else { len = sizeof (int); if (getsockopt (fd, SOL_SOCKET, SO_ERROR, &ret, &len) == -1) { close (fd); return -1; } if (ret != 0) { close (fd); errno = ret; return -1; } } fcntl (fd, F_SETFL, flags); } return fd; } static void save_ssl_cert (const char *certid) { char *path, *filename; struct stat st; int fd; path = g_strdup_printf ("%s/.camel_certs", getenv ("HOME")); if (mkdir (path, 0700) == -1) { if (errno != EEXIST) return; if (stat (path, &st) == -1) return; if (!S_ISDIR (st.st_mode)) return; } filename = g_strdup_printf ("%s/%s", path, certid); g_free (path); fd = open (filename, O_WRONLY | O_CREAT, 0600); if (fd != -1) close (fd); g_free (filename); } static gboolean ssl_cert_is_saved (const char *certid) { char *filename; struct stat st; filename = g_strdup_printf ("%s/.camel_certs/%s", getenv ("HOME"), certid); if (stat (filename, &st) == -1) { g_free (filename); return FALSE; } g_free (filename); return st.st_uid == getuid (); } static int ssl_verify (int ok, X509_STORE_CTX *ctx) { CamelTcpStreamSSL *stream; X509 *cert; SSL *ssl; int err; ssl = X509_STORE_CTX_get_ex_data (ctx, SSL_get_ex_data_X509_STORE_CTX_idx ()); stream = SSL_CTX_get_app_data (ssl->ctx); cert = X509_STORE_CTX_get_current_cert (ctx); err = X509_STORE_CTX_get_error (ctx); if (stream) ok = ssl_cert_is_saved (stream->priv->expected_host); if (!ok && stream) { CamelService *service = stream->priv->service; char *prompt, *cert_str; char buf[257]; #define GET_STRING(name) X509_NAME_oneline (name, buf, 256) cert_str = g_strdup_printf (_("Issuer: %s\n" "Subject: %s"), GET_STRING (X509_get_issuer_name (cert)), GET_STRING (X509_get_subject_name (cert))); prompt = g_strdup_printf (_("Bad certificate from %s:\n\n%s\n\n" "Do you wish to accept anyway?"), service->url->host, cert_str); ok = camel_session_alert_user (service->session, CAMEL_SESSION_ALERT_WARNING, prompt, TRUE); g_free (prompt); if (ok) save_ssl_cert (stream->priv->expected_host); } return ok; } static SSL * open_ssl_connection (CamelService *service, int sockfd, CamelTcpStreamSSL *openssl) { SSL_CTX *ssl_ctx = NULL; SSL *ssl = NULL; int n; /* SSLv23_client_method will negotiate with SSL v2, v3, or TLS v1 */ ssl_ctx = SSL_CTX_new (SSLv23_client_method ()); g_return_val_if_fail (ssl_ctx != NULL, NULL); SSL_CTX_set_verify (ssl_ctx, SSL_VERIFY_PEER, &ssl_verify); ssl = SSL_new (ssl_ctx); SSL_set_fd (ssl, sockfd); SSL_CTX_set_app_data (ssl_ctx, openssl); n = SSL_connect (ssl); if (n != 1) { int errnosave = ssl_errno (ssl, n); SSL_shutdown (ssl); if (ssl->ctx) SSL_CTX_free (ssl->ctx); SSL_free (ssl); ssl = NULL; close (sockfd); errno = errnosave; } return ssl; } static int stream_connect (CamelTcpStream *stream, struct hostent *host, int port) { CamelTcpStreamSSL *openssl = CAMEL_TCP_STREAM_SSL (stream); SSL *ssl = NULL; int fd; g_return_val_if_fail (host != NULL, -1); fd = socket_connect (host, port); if (fd == -1) return -1; if (openssl->priv->ssl_mode) { ssl = open_ssl_connection (openssl->priv->service, fd, openssl); if (!ssl) return -1; } openssl->priv->sockfd = fd; openssl->priv->ssl = ssl; return 0; } static int get_sockopt_level (const CamelSockOptData *data) { switch (data->option) { case CAMEL_SOCKOPT_MAXSEGMENT: case CAMEL_SOCKOPT_NODELAY: return IPPROTO_TCP; default: return SOL_SOCKET; } } static int get_sockopt_optname (const CamelSockOptData *data) { switch (data->option) { case CAMEL_SOCKOPT_MAXSEGMENT: return TCP_MAXSEG; case CAMEL_SOCKOPT_NODELAY: return TCP_NODELAY; case CAMEL_SOCKOPT_BROADCAST: return SO_BROADCAST; case CAMEL_SOCKOPT_KEEPALIVE: return SO_KEEPALIVE; case CAMEL_SOCKOPT_LINGER: return SO_LINGER; case CAMEL_SOCKOPT_RECVBUFFERSIZE: return SO_RCVBUF; case CAMEL_SOCKOPT_SENDBUFFERSIZE: return SO_SNDBUF; case CAMEL_SOCKOPT_REUSEADDR: return SO_REUSEADDR; case CAMEL_SOCKOPT_IPTYPEOFSERVICE: return SO_TYPE; default: return -1; } } static int stream_getsockopt (CamelTcpStream *stream, CamelSockOptData *data) { int optname, optlen; if ((optname = get_sockopt_optname (data)) == -1) return -1; if (data->option == CAMEL_SOCKOPT_NONBLOCKING) { int flags; flags = fcntl (((CamelTcpStreamSSL *)stream)->priv->sockfd, F_GETFL); if (flags == -1) return -1; data->value.non_blocking = flags & O_NONBLOCK; return 0; } return getsockopt (((CamelTcpStreamSSL *)stream)->priv->sockfd, get_sockopt_level (data), optname, (void *) &data->value, &optlen); } static int stream_setsockopt (CamelTcpStream *stream, const CamelSockOptData *data) { int optname; if ((optname = get_sockopt_optname (data)) == -1) return -1; if (data->option == CAMEL_SOCKOPT_NONBLOCKING) { int flags, set; flags = fcntl (((CamelTcpStreamSSL *)stream)->priv->sockfd, F_GETFL); if (flags == -1) return -1; set = data->value.non_blocking ? 1 : 0; flags = (flags & ~O_NONBLOCK) | (set & O_NONBLOCK); if (fcntl (((CamelTcpStreamSSL *)stream)->priv->sockfd, F_SETFL, flags) == -1) return -1; return 0; } return setsockopt (((CamelTcpStreamSSL *)stream)->priv->sockfd, get_sockopt_level (data), optname, (void *) &data->value, sizeof (data->value)); } static CamelTcpAddress * stream_get_local_address (CamelTcpStream *stream) { struct sockaddr_in sin; socklen_t len; if (getsockname (CAMEL_TCP_STREAM_SSL (stream)->priv->sockfd, (struct sockaddr *)&sin, &len) == -1) return NULL; return camel_tcp_address_new (CAMEL_TCP_ADDRESS_IPV4, sin.sin_port, 4, &sin.sin_addr); } static CamelTcpAddress * stream_get_remote_address (CamelTcpStream *stream) { struct sockaddr_in sin; socklen_t len; if (getpeername (CAMEL_TCP_STREAM_SSL (stream)->priv->sockfd, (struct sockaddr *)&sin, &len) == -1) return NULL; return camel_tcp_address_new (CAMEL_TCP_ADDRESS_IPV4, sin.sin_port, 4, &sin.sin_addr); } #endif /* HAVE_OPENSSL */